Black Hat Windows Security 2002 Speakers Announced

B.K. DeLong
Fri, 21 Dec 2001 11:21:20 -0500

For Immediate Release


B.K. DeLong


Special focus on SQL vulnerabilities -- 21 December 2001 -- Black Hat Inc. announced 
today over 18 different speakers for this spring's Black Hat Windows 
Security Briefings and Training 2002, the annual conference and workshop 
designed to help computer professionals better understand the security 
risks that potential threats pose to their Microsoft Windows systems and 
information infrastructures. Speaker presentations will cover Protocol Attacks, 
Voice-over-IP, Oracle vulnerabilities, Windows Group Policy, and NTLMv2 
Authentication as well as General Windows Exploits, Data Recovery, Incident 
Investigation & Response, and Better Protection Practices. There is also a 
special focus on Microsoft SQL vulnerabilities and how to both exploit and 
fix them. Black Hat Windows will be held at the Radisson Hotel in the heart 
of New Orleans, 5 through 6 February, 2002.

Top-notch speakers will deliver to the conference's core audience of IT & 
network security experts, consultants and administrators the newest 
developments on the security problems and vital issues facing organizations 
using Windows-centric networks.

"Our goal was to find speakers who could identify and explain security 
vulnerabilities in some of the newer Microsoft products," says Jeff Moss, 
founder of Black Hat Inc. "We've chosen some of the top speakers in the 
world of Windows security whose talks should offer great insight into even 
the most-recent vulnerabilities in Windows XP, Oracle and other 
Windows-based software."

The lineup of Black Hat Windows Security Briefings presenters for 2001 includes:

         -- FX, leader of the German Phenoelit group and a Security 
Solution Consultant at n.runs GmbH. He will be covering "Routing and 
Tunneling Protocol Attacks".

         -- Chip Andrews, Software Security Architect for the Clarus 
Corporation. Andrews has been a software developer and an independent 
computer security consultant for more than 16 years and specializes in 
applying the skills obtained through security consulting to every aspect of 
product development. Chip maintains the web site that 
focuses on SQL Server security issues and will be presenting "MS SQL Server 
Security Mysteries Explained".

         -- Ofir Arkin, Managing Security Architect for @stake. With 
extensive knowledge in the information security field, Ofir Arkin has 
worked as a consultant for several European finance institutes where he 
played the role of Senior Security Analyst, and Chief Security Architect in 
major projects. Prior to joining @stake Ofir acted as chief security 
architect for a 4th generation telecom company, where he designed the 
overall security scheme for the company. Arkin will be speaking about 
"VoIP: The Next Generation of Phreaking".

         -- Jay Beale, founder of JJB Security Consulting and Training, and 
Lead Developer of the Bastille Linux Project which creates a hardening 
program for Linux and HP-UX. Beale will cover "Attacking and Defending DNS".

         -- Erik Pace Birkholz, a Principal Consultant for Foundstone. 
Erik's prime area of concentration is assessing Internet and Intranet 
security architectures and their components. Erik has performed nearly a 
hundred attack & penetration tests since he began his career in 1995. 
Erik also instructs Foundstone's "Ultimate Hacking: Hands On" and "Ultimate 
NT/2000 Security: Hands On" courses. Birkholz will be detailing "How to Fix 
A Broken Window".

         -- Harlan Carvey, Information Security Consultant.  Conducting 
vulnerability assessments and penetration tests of NT led to a growth in 
his use of Perl, in order to prototype both offensive and defensive 
security tools. Performing incident response and forensics investigations 
at a large telecomm presented him with many interesting challenges and 
learning experiences. Harlan has had articles published on, as well as in the Information Security Bulletin. He 
holds a BSEE from the Virginia Military Institute, and an MSEE from the 
Naval Postgraduate School. Carvey will be looking into "NT/2K Incident 
Response and Mining for Hidden Data: Post Mortem of a Windows Box".

         -- Halvar Flake, Reverse Engineer, Black Hat Consulting. 
Originating in the fields of copy protection and digital rights management, 
Flake gravitated more and more towards network security. Over time he 
realized that constructive copy protection is more or less fighting 
windmills. After writing his first few exploits he was hooked and realized 
that reverse engineering experience is a very handy asset when dealing with 
COTS software. With extensive experience in reverse engineering, network 
security, penetration testing and exploit development he recently joined 
BlackHat as their primary reverse engineer. Flake will be exposing "Third 
Generation Exploits on NT/Win2k Platforms".

         -- Raymond Forbes (aka Rooster) has been involved with security 
for over 15 years. An expert in network security and infrastructure design, 
Raymond has dealt with security both on a product level, and on an IT 
level. Currently, he is doing security evaluations and design for a large 
content provider. Forbes will be covering "Active Directory & Group Policy 
in Windows 2000".

         -- JD Glaser and Saumil Shah, Security Consultants for Foundstone. 
Glaser specializes in Windows NT system software development and COM/DCOM 
application development. His most recent achievement was the successful 
formation of NT OBJECTives, Inc., a software company exclusively centered 
on building NT security tools. Saumil has had over 6 years of experience 
with system administration, network architecture, integrating heterogeneous 
platforms and information security, and has performed numerous ethical 
hacking exercises for many significant companies in the IT arena. Both will 
be speaking about "One-Way SQL Hacking: Futility of Firewalls in Web Hacking".

         -- Jim Harrison, Microsoft tester with the Subscription Products 
Group. As a known authority of ISA Server's vast enterprise configuration 
options, Jim consults for various Microsoft groups on proper deployment and 
installation of the product. Currently, Jim is engaged in different test 
projects designing integrated solutions for Microsoft's intra- and 
extranets. He will be reviewing the art of "Deploying and Securing 
Microsoft Internet Security and Acceleration Server".

         -- David Litchfield, Managing Director & Co-Founder, Next 
Generation Security Software. Known as the UK's NT Guru by ZDNet, David is 
a world-renowned security expert specializing in Windows NT and Internet 
security. His discovery and remediation of over 100 major vulnerabilities 
in products such as Microsoft's Internet Information Server and Oracle's 
Application Server have led to the tightening of sites around the world. 
Litchfield will be looking into "Oracle Vulnerabilities" including the two 
security issues in the Oracle Apache Module he announced yesterday.

         -- Timothy Mullen, CIO and Chief Software architect, AnchorIS.Com. is a developer of secure enterprise-based accounting 
solutions.  Mullen is also a columnist for Security Focus' Microsoft Focus 
section, and a regular contributor of InFocus technical articles. He will 
be giving a presentation about "Web Vulnerability and SQL Injection 
Countermeasures: Securing Your Servers From the Most Insidious of Attacks".

         -- Laura Robinson, Independent Consultant and Trainer. Robinson is 
a Microsoft Certified Trainer and Systems Engineer on both NT and Windows 
2000; a Certified Lotus Professional Systems Administrator, Application 
Developer and Instructor; and an instructor for Real World Security's 
@ctive Defense education series. She will be speaking on "The Devil Inside: 
Planning Security in Active Directory Design".

         -- Eric Schultz, Senior Technologist, Microsoft Security 
Strategies Group. Schultz has memorized every security hotfix ever released 
by Microsoft in a security bulletin. In his spare time, he maintains the 
Microsoft hotfix XML database and designs new features for HFNetChk. Eric 
is a former Founder of Foundstone, co-creator of the Extreme/Ultimate 
Hacking training classes, and technical editor for the Hacking Exposed: 
Windows 2000 book. Schultz will tell attendees "How to keep up with all 
those frickin security patches".

         -- Roelof Temmingh, Technical Director and Founding Member, 
SensePost. After obtaining his degree in electronic engineering in 1995, he 
started his career working as a programmer at a cutting edge development 
company specializing in data encryption devices. Establishing SensePost 
along with some of South Africa's leading IT security minds, Roelof is 
currently involved in the coding of proof of concept code, and the 
practical realization of complex security concepts. Temmingh will cover 
"Bi-directional Communications in a Heavily Protected Environment".

         -- Jonathan Wilkins, Security Tool Developer. Wilkins has been 
active in the security community since the early 1990's. He worked for 
Secure Networks Inc developing Ballista (now Network Associates' CyberCop 
Scanner) and at Zero Knowledge on the Freedom privacy suite. He has 
released several security tools including NTCrack and has been publishing 
security research since 1996. Wilkins will introduce attendees to 
"Taranis", a security research tool that "redirects traffic on switch 
hardware by sending spoofed ethernet traffic".

         -- Hidenobu Seki (aka Urity), Network Security Specialist, Seki has a deep interest in the authentication system 
of MS Windows and will show the details of "Cracking NTLMv2 Authentication".

Black Hat Windows Training includes 7 different sessions and will occur 
prior to the Briefings portion of the conference 5 through 6 February, 
2002. Workshops will primarily focus on the Windows 2000 platform and also 
touch upon Windows NT, general Windows Web applications and ICMP scanning.

Courses include:

-- Advanced Scanning with ICMP
-- Auditing Binaries: Reverse Engineering Windows 2000
-- Complete Windows 2000 Security
-- NT Network Intrusion
-- Secure Development of Data-Driven Web Applications
-- NSA InfoSec Assessment Methodology Course
-- Foundstone's Ultimate Hacking: Black Hat Edition

For more details, check the conference Web site at

Other special features of this year's Black Hat Windows Security conference 
include its timing: Super Bowl XXXVI is being held at the nearby Louisiana 
Superdome two days before the show, and in the days following the 
conference, attendees can experience New Orleans' Mardi Gras -- where the 
main parade goes right past the hotel (special negotiations occurred to 
allow attendees to book their hotel rooms as early as Feb. 1st all the way 
through Mardi Gras on Feb. 12th).

Attendees will also have access to a wireless network during the show.

To register for BlackHat Windows Security Briefings and Training, visit the 
Web site at Direct any conference-related 
questions to

For press registration information, visit Contact B.K. DeLong at 
+1.617.877.3271 or via email at

About Black Hat Inc.

Black Hat Inc. was originally founded in 1997 by Jeff Moss to fill the need 
for computer security professionals to better understand the security risks 
and potential threats to their information infrastructures and computer 
systems. Black Hat accomplishes this by assembling a group of 
vendor-neutral security professionals and having them speak candidly about 
the problems businesses face and their solutions to those problems. Black 
Hat Inc. produces 5 briefing & training events a year on 3 different 
continents. Speakers and attendees travel from all over the world to meet 
and share in the latest advances in computer security. For more 
information, visit their Web site at


B.K. DeLong
Press Coordinator
Black Hat Briefings